Code: p389 Severity: Warning
Description: This event is generated when a pong packet for the Trinoo (aka trin00) DDos suite is detected. Impact: This may indicate a compromised system or be the prelude to a Distributed Denial of Service (DDoS) attack. Corrective: Disconnect infected machine(s) from the network immediately. Use software to determine if a host has been compromised using a rootkit.
|
